Method for making secure a session with data processing means under the control of several entities

ABSTRACT

The invention concerns a method for making secure the execution of a session with processing means, such as a smart card (CA), under the control of at least two entities, such as servers (EX, EY), which consists in: transmitting (X 2 , Y 2 ) session numbers (NSX, NSY) and session keys (KSX, KSY) to the entities; applying (X 6 , X, Y 6 , Y 8 ) the session number and key to an algorithm (ASX, ASY) in the processing means and the respective entity to produce a result (REX, REY) and signature (SGY, SGY); transmitting (X 7 , Y 7 ) the numbers and the signatures to the processing means; and executing (F 10 ) the session corresponding to the numbers from the processing means when the signatures are identical (X 9 , Y 9 ) to the results. In another embodiment, one of the entities receives a delegation of a third entity to authorise execution of the session.

[0001] The present invention concerns in general terms the making secureof the execution of a session with a data processing means under thecontrol of first and second electronic entities.

[0002] For example, the data processing means is a multi-applicationsmart card in which some resources must be accessible provided that atleast two entities give authorisation to access this resource. This isbecause it is sometimes advantageous to make the writing in a file of asmart card or in more practical terms the debiting of an account in acard of the electronic purse type dependent on the authorisation of twoelectronic entities, such as bank and dispenser servers.

[0003] The present invention aims precisely to make secure thetriggering of a session in the processing means, such as a smart card,under the control of at least two electronic entities.

[0004] To this end, a method for making secure the execution of asession with a data processing means under the control of at least twoelectronic entities is characterised in that it comprises the followingsteps of:

[0005] transmitting session numbers and session keys from the processingmeans respectively to the entities,

[0006] applying the respective session number and the respective sessionkey to a respective security algorithm in the processing means and therespective entity in order to produce a respective result and arespective signature,

[0007] transmitting the respective session number and the respectivesignature from the respective entity to the processing means, and

[0008] executing the session from the processing means when thesignatures are respectively identical to the results.

[0009] So that the processing means can be assured that the execution ofthe requested session does indeed correspond to the session numbertransmitted initially, the respective results are written in memory inthe processing means respectively corresponding to the respectivesession numbers to be transmitted to the entities and are read incorrespondence with the respective session numbers transmitted by theentities to the processing means before being compared with therespective signatures.

[0010] In practice, each of the entities transmits to the processingmeans respective data with the respective session number and therespective signature. The data contain an agreement or refusal toexecute the session. Thus the session is executed if in addition theprocessing means detects in each of the data an acceptance of thesession by the respective entity.

[0011] According to a second embodiment, the session is executedprovided that one of the said at least two entities has receivedrespectively a delegation for the execution of a session by a thirdentity. In this second embodiment, the method comprises the followingsteps of:

[0012] transmitting respective delegation information in favour of oneof the said at least two entities from a third electronic entity to theprocessing means,

[0013] transmitting a session number, which is identical to therespective session numbers, and a third session key from the processingmeans to the third predetermined entity,

[0014] retransmitting the session number and the third session key bythe third entity to the said one entity, and

[0015] applying not only the session number and the respective sessionkey for the said one entity but also the third session key to therespective security algorithm in the said one entity and the processingmeans in order to produce the respective signature and the respectiveresult.

[0016] So that the said one entity is certain that the session whoseexecution is requested is validated by the third entity, the sessionnumber retransmitted by the third entity and the session numbertransmitted directly by the processing means to the said one entity arecompared in the said one entity, and at least the step of applying inthe said one entity is executed only when the session numbers comparedare identical.

[0017] The delegation can be transmitted to more than one entity. Thusat least one other entity of the said at least two entities is delegatedfrom the third entity so that the session is executed only when thesignatures and the results produced according to the session number, therespective session keys and the third key are respectively identical.

[0018] Other characteristics and advantages of the present inventionwill emerge more clearly from a reading of the following description ofseveral preferred embodiments of the invention with reference to thecorresponding accompanying drawings, in which:

[0019]FIG. 1 is a schematic block diagram of several electronic entitiesand of a data processing means of the smart card type in atelecommunication network for implementing the security method accordingto the invention;

[0020]FIG. 2 is an algorithm of steps of the security method with thedata processing means and two electronic entities according to a firstembodiment of the invention; and

[0021]FIG. 3 is an algorithm of steps of the security method with thedata processing means and a third electronic entity delegating to theprevious two entities, according to a second embodiment of theinvention.

[0022]FIG. 1 depicts a telecommunication network RT designating overallall the telecommunication network types such as a radio telephonenetwork, the switched telephone network, an integrated services digitalnetwork ISDN, a high-rate network such as an ATM network or theInternet, a packet transmission network etc. The network RT constitutesa means of communication between a data processing means CA and variouselectronic entities, three of which are depicted, EX, EY and EZ.

[0023] By way of example to which reference will be made subsequently,the data processing means is a controller, such as the microcontrollerof a smart card CA, in which a session must be initiated, which may be atask to be executed in the data processing means itself or an exchangeof data units, such as messages, with at least one of the entities EX,EY and EZ. Thus the data processing means can be not only a smart card,also referred to as a microcontroller card, but also any other portableelectronic object, such as an electronic assistant or organiser, anelectronic purse, a token or a pocket calculator.

[0024] An electronic entity, for example the entity EX or EY, is aserver distant from the card CA, for example belonging to the issuer ofthe card CA or in relationship with one of the applications implementedin the card CA.

[0025] In a variant, the entities EX and EY are themselves smart cardshoused in additional readers included in servers distant from the cardCA so that two administrators, possessors of the smart cards, enable asession through the smart card of a user.

[0026] The entity EZ can be a terminal TA accepting the smart card CA,such as a banking terminal, a point of sale terminal or a mobile radiotelephone terminal provided with an additional card reader, or a thirdserver as is provided in the second embodiment described below.

[0027] According to a first embodiment of the method of the invention,the execution of a session with the smart card CA is made secure underthe control of two entities EX and EY.

[0028] For example, the smart card CA is a card with a loyalty pointsaccount issued by a fuel distribution company. After insertion in aterminal TA at a service station, as the entity EZ, the card CA isenabled to be debited only by the two entities EX and EY so that theholder of the card receives the article of his choice corresponding to adebiting of points. The first entity EX is an article supplier serverwhich simply authorises the card CA to be debited after recognitionthereof. The second entity EY is a server belonging to the fueldistribution company which verifies not only the identity of the card CAbut also the points account contained therein in order to authorise thedebiting of the account in the card CA. Thus the session consisting hereof debiting the loyalty points account in the card CA is authorised onlyafter the identification of the card by the two entities EX and EY andthe acceptance of the debiting by the entity EY, or in more global termsafter the acceptance of the execution of the “debiting of points”session by the two entities EX and EY.

[0029] According to another example, the possessor of the card CA mustobtain the authorisation of other two smart card possessors, as entitiesEX and EY, for example in order to access predetermined files in anIntranet. The “administering” cards EX and EY are then inserted in thereaders of terminals in the network in order to transmit to the card CAan acceptance or refusal of the session according to rights of access tothe predetermined files.

[0030] It is assumed in advance that the smart card CA is preferablyproactive and can thus itself trigger actions towards the outside worldconsisting in particular of the telecommunication network RT through theaccepting terminal TA, which is then transparent to these actions,although in a variant certain actions can be triggered by the acceptingterminal TA itself. The card CA by nature has a privileged link with theentities EX and EY and contains in non-volatile memory EEPROMdestination addresses ADX and ADY of the entities EX and EY, such astheir telephone numbers or their IP (Internet Protocol) addresses. Thenon-volatile memory of the card CA also contains public enciphering keysKPX and KPY respectively associated with the entities EX and EY.

[0031] The security method according to the first embodiment shown inFIG. 2 first of all comprises two sets of steps X1 to X9 and Y1 to Y9,which are respectively associated with exchanges between the card CA andthe first entity EX on the one hand and the card CA and the secondentity EY on the other hand, and then final steps F9 to F15. Steps X1 toX9 being respectively identical to steps Y1 to Y9, the method is firstof all described in detail only for exchanges between the card CA andthe first entity EX.

[0032] As soon as the card CA decides to execute a session, for examplefollowing a request from the accepting terminal TA, the card CAinitiates an authentication of the card CA by the first entity EX, atstep X1. The authentication is conventional and consists essentially oftransmitting a random number by the first entity EX to the card CA andcomparing in the entity EX the results of the application of this randomnumber and of an authentication key both prestored in the card CA andthe entity EX, performed both in the card CA and the entity EX.Conversely, the card CA authenticates the entity EX. More completely ina variant, the authentication is mutual, that is to say theauthentication comprises an authentication of the card CA by the entityEX and an authentication of the entity EX by the card CA.

[0033] In a variant, the security method contains no authentication.

[0034] If after optional authentication the card CA receives noinvalidation message, the card CA generates a session key KSX which maybe random and associates therewith a session number NSX at step X2.Then, after having stored the key KSX and the number NSX incorrespondence, the card CA prepares a message to be transmitted to theentity EX, containing the respective session number NSX and therespective session key KSX which were enciphered by means of therespective public enciphering key KPX. The enciphered message MEX thusformed is transmitted by the card CA to the entity EX at step X3.

[0035] After deciphering of the message formulated according to aprivate deciphering key corresponding to the public card key KPX at stepX4, the entity EX establishes first data DX in particular to indicateits acceptance of the session to be executed, or where applicable itsrefusal, at step X5. Then the entity EX determines a signature SGXresulting from the application of the session number NSX and of thesession key KSX received to a first security algorithm ASX, at step X6.The entity EX constructs a control message CX which contains the sessionnumber NSX, the signature SGX=ASX (NSX, KSX) and the data DX and whichis transmitted to the card CA at step X7. The content of the controlmessage CX is preferably enciphered in a similar manner to that of themessage MEX.

[0036] In the card CA, after the transmission of the enciphered messageMEX at step X3, there is also determined a result REX of the applicationof the session number NSX and of the session key KSX to the firstsecurity algorithm ASX, at step X8. The result REX is written innon-volatile memory in the card CA until it is read at step X9, inresponse to the control message CX. At this step X9, the signature SGXreceived by the card and corresponding to the session number NSX iscompared with the result REX stored in the card. If the signature SGX isdifferent from the result REX, the session requested by the terminal TAwith the card CA is refused by the latter.

[0037] Otherwise, when the signature SGX is identical to the result REX,the method passes to the final steps since steps Y1 to Y9 also result ina step Y9 according to which a second signature SGY transmitted by theentity EY is identical to a second result REY determined by the card CA.As is clear in FIG. 2, steps Y1 to Y9 are derived from the previouslydescribed steps X1 to X9, replacing the letter X with the letter Y. Thusthe second result REY results from the application in the card CA of asecond session number NSY and of a session key KSY, which may be random,both generated at step Y2 by the card CA, to a second security algorithmASY. The second signature SGY results from the application in the secondentity EY at step Y4 of the session number NSY and of the session keyKSY transmitted in enciphered form in a message MEY by the card CA atstep Y3, to the second security algorithm ASY. The second entity EYtransmits, at step Y7 also in a control message CY, preferablyenciphered, the number NSY and the signature SCY as well as second dataDY representing the acceptance of the execution of the session via theentity EY or a refusal thereof.

[0038] After identity of the first signature SGX and of the first resultREX at step X9 and identity of the second signature SGY and of thesecond result REY at step Y9, the card CA compares the data DX and DY atstep F9. If one or other of the data DX and DY represents a refusal, orif one NSX or the other NSY of the session numbers retransmitted by theentities EX and EY is different from the number allocated at step X2 orY2, the session requested is not executed. Otherwise the data DX and DYrepresent an acceptance of the session corresponding to the numbersreceived NSX and NSY by the entities EX and EY and the method iscontinued by the execution of the session at step F10.

[0039] According to other variants of the first embodiment, the firstsession number NSX allocated at the data exchange between the firstentity EX and the card CA and the second session number NSY allocated atthe data exchange between the card CA and the second entity EY areidentical, and the first and second security algorithms ASX and ASY areidentical.

[0040] According to a first variant of final steps shown in short brokenlines in FIG. 2, the smart card CA transmits respective acknowledgementsACKX and ACKY to the first and second entities EX and EY when both thefirst signature SGX is identical to the first result REX and the secondsignature SGY is identical to the second result REY, at steps X9 and Y9.Preferably the transmission of the first and second acknowledgementsACKX and ACKY occur rather after the final step F9, when the card CA hasdetected in the first and second data DX and DY an acceptance of thesession by the entities EX and EY. By virtue of these twoacknowledgements, the entities EX and EY each know that the other entityhas accepted the session. The session can be executed at the followingstep F10 as illustrated in FIG. 2, or in a variant previously to thetransmissions of the acknowledgements ACKX and ACKY.

[0041] According to a second variant of final steps, after the findingof the identities of signature and result at steps X9 and Y9, preferablyafter the detection of an acceptance of the session by the entities EXand EY, the card CA produces, at a step F11, a word ACK representing thesession to be executed at a step F10. In this regard, the session can beexecuted at step F10 before the transmission of the word ACK at step F11as illustrated in FIG. 2, or in a variant after step F11.

[0042] More precisely, according to this second variant, the card CAproduces a first word signature SAX resulting from the application ofthe representative word ACK and of the first session key KSX to thefirst security algorithm ASX, and a second word signature SAY resultingfrom the application of the representative word ACK and of the secondsession key KSY to the second security algorithm ASY. The card CAencapsulates the word ACK and the word signatures SAX and SAY in amessage AY in order to transmit it to one of the entities, for examplethe second entity EY, at a step F12.

[0043] The second entity EY verifies the correspondence between thereceived word ACK representing the session and the second respectiveword signature SAY according to the respective session key KSY which hasbeen received and stored in the entity EY at step Y4, by applying thereceived word ACK and the key KSY to the second algorithm ASY so as toproduce a result which is compared with the second received signatureSAY, at a step F13. If this comparison is positive, that is to say ifthe received word ACK corresponds to the signature SAY, the secondentity EY transmits a message AX containing the word ACK representingthe session and the other signature, that is to say the first wordsignature SAX=ASK (ACK; KSY), to the other entity EX at a step F14. Onreception of the message AX, the first entity EX verifies thecorrespondence between the representative word ACK and the firstreceived word signature SAX according to the respective session key KSXwhich has been received and stored in the entity EX at step X4. Thisverification consists of applying the received word ACK and the firstsession key KSX to the first security algorithm ASX and comparing theresult produced by this algorithm with the received signature SAX at astep F15.

[0044] If at step F13 the entity EY finds a lack of correspondencebetween the representative session word ACK and the second wordsignature SAY, the entity EY ignores the result of the session executedand does not transmit the message AX to the entity EX or transmits anegative acknowledgement message to the entity EX; in a variant, theentity EY also proceeds with a cancellation of the session when it isstill to be executed in the card CA via the terminal TA. Likewise, whenthe first entity EX finds a lack of correspondence between therepresentative session word ACK and the first word signature SAX, theentity EX ignores the result of the executed session and preferablysignals it to the entity EX; in a variant, the entity EX also proceedswith a cancellation of the session in the card CA when it is to beexecuted.

[0045] In a variant, the acknowledgement message ACKX and ACKY, and/orthe messages AX and AY, are enciphered.

[0046] Although the first embodiment has been described with twoentities EX and EY, the invention also encompasses embodiments with morethan two entities which must each give its acceptance to the card CAaccording to steps X1 to X9, Y1 to Y9 in order to authorise execution ofthe session. In particular, for the second variant shown at the bottomof FIG. 2, step F11 produces as many word signatures SAX, SAY as thereare entities EX, EY, and each of these entities performs a step F13, F15during which it verifies the correspondence between the word ACKrepresenting the session and the respective word signature SAX, SAYaccording to the respective session key KSX, KSY, and so on until thelast entity.

[0047] According to a second embodiment of the security method accordingto the invention, a third electronic entity EZ intervenes. When the cardCA decides to execute a predetermined session, it routinely interrogatesthe third entity EZ which does not have enough information to decidewhether or not it accepts the requested session; the entity EZ thendelegates this decision for a predetermined period to the first andsecond entities EX and EY by transmitting to them first and seconddelegation information IDX and IDY respectively.

[0048] According to a complementary variant, if the commands executed inthe session of step F10 require the intervention of the entity EZ and ifthe entity EZ cannot or does not wish to intervene in this interactiveexchange, the delegation enables the entity EZ to indicate to the cardCA that the entity EX, EY which has received the delegation has theright to act on behalf of the entity EZ.

[0049] For example, as shown in FIG. 1, the third entity EZ, thedelegator, is a server of a bank which, during an annual holiday period,allows credit to the card owner CA, and subsequently confides in a firstserver EX of a commercial site connected to the Internet and presentingproducts to be purchased and also in a second server EY of a productsupplier. When the user, the delegatee, decides, by means of its owncomputer terminal TA connected to the network RT and provided with anadditional card reader in which the card CA is inserted, to purchase aproduct from the server EX, this transaction is triggered by the bankserver EZ which has verified that the account corresponding to the smartcard CA has an authorised credit and which has the transaction relayedby the servers EX and EY, the delegates, in so far as the latter havereceived a validation in the form of a key KSZ supplied by the card CAand retransmitted by the server EZ, as will be seen below.

[0050] It is assumed in this second embodiment that the entities EX andEY have already had knowledge of the delegation transmitted by the thirdentity EZ.

[0051] As is clear by comparing FIGS. 2 and 3, the second embodiment ofthe method according to the invention first of all comprises steps Z1 toZ7 relating to exchanges of data between the third entity EZ and thesmart card CA. In a similar manner to the first embodiment, the card CAcontains in non-volatile memory the destination addresses ADX, DAY andADZ of the entities EX, EY and EZ as well as public enciphering keysKPX, KPY and KPZ associated with these entities.

[0052] At the first step Z1, following a session execution request bythe card CA transmitted to the entity EZ, the entity EZ authenticatesthe card CA, or in a variant the entity EZ and the card CA authenticateeach other mutually.

[0053] In a variant, the second embodiment of the security methodcontains no authentication.

[0054] After optional authentication, the entity EZ supplies the firstand second items of delegation information IDX and IDY to the card CA.Each of the first and second items of delegation information containsfor example the address ADX, ADY, or other delegate identifier, of theentity EX, EY, and the number of authorities required for executing thesession, that is to say the number of entities such as the entities EXand EY whose acceptance is required for executing the session. Thus, atstep Z2, the third entity EZ transmits the first and second items ofdelegation information IDX and IDY as well as the source address ADZ ofthe entity EZ to the card CA in the form of a message which is signedwith the private key of the third entity EZ corresponding to the publickey KPZ, and then enciphered with the public key KPCA of the card CA.After deciphering, signature verification and storage of the informationIDX and IY at step Z3, the card CA generates a session number NS as wellas three session keys KSX, KSY and KSZ, which may be random, andassociates them respectively with the entities EX, EY and EZ incorrespondence with the session number NS, at step Z4. These fourparameters NS, KSX, KSY and KSZ are stored in the card in order to servein the subsequent steps.

[0055] At the following step Z5, the card CA enciphers the sessionnumber NS and the third session key KSZ with the enciphering key KPZ inorder to transmit them in an enciphered message MEZ to the third entityEZ. After deciphering of the message MEZ and storage of the number NSand of the session key KSZ at step Z6, the entity EZ establishes twomessages MZX and MZY transmitted respectively to the entities EX and EY.The first message MZX comprises the session number NS and the thirdsession key KSZ and the destination address ADX which are enciphered bymeans of the public key KPX of the first entity EX. The second messageMZY also comprises the number NS, the key KSZ and the address ADY whichare enciphered by means of the public key KPY of the second entity EY.Messages MZX and MZY are respectively received by the entities EX and EYin order to be deciphered therein by means of their private encipheringkeys and to be stored therein at following steps Z8X and Z8Y.

[0056] In parallel with steps Z4 to Z7, the card CA performs steps X1 toX4 and Y1 to Y4, substantially identical to those already described withreference to FIG. 2, in response to the delegation information IDX andIDY received at step Z3, so as to authenticate the card CA by means ofthe entities EX and EY delegated by the entity EZ and to transmitenciphered messages MEX[NS, KSX] and MEY[NS, KSY] by the card CA to theentities EX and EY and to decipher these messages at steps X4 and Y4.

[0057] Then, at a step Z9X, Z9Y in the entity EX, EY, the session numberNS stored at step Z8X, Z8Y and transmitted by the third entity EZ iscompared with the session number NS and transmitted by the card CA anddeciphered at step X4, Y4, by analogy with the comparison of the sessionnumber received and stored NSX, NSY at step F9. If the session numbersare different, the entity EX refuses the requested session. Otherwisethe two session numbers are identical and data DX, DY representing anacceptance of the session by the delegated entity EX, EY at the stepwhere X5, Y5 are established. The method is continued with steps X6Z andX7Z, Y6Z and Y7Z replacing respectively steps X6 and X7, Y6 and Y7, andbeing distinguished from these by the fact that the signature SGXZ, SGYZis determined by applying the session number NS validated at theprevious step Z9X, Z9Y, the session key KSX, KSY received and decipheredat step X4 and the third session KSZ received, deciphered and stored atstep Z8X, Z8Y, to the security algorithm ASX, ASY. The session numberNS, the signature SGXZ, SGYZ and the data DX, DY are preferablyenciphered and encapsulated in a message CXZ, CYZ which is transmittedto the card CA.

[0058] In parallel to steps X4 to X7Z, Y4 to Y7Z, a result REXZ, REYZ isdetermined in the card at a step X8Z, Y8Z replacing step X8, Y8, byapplying the session number NS, the key KSX, KSY and the third key KSZto the security algorithm ASX, ASY.

[0059] The following step X9Z, Y9Z in the card CA compares the signatureSGXZ, SGYZ with the result REXZ, REYZ so as to pass to the final step F9when the identities SGXZ=REXZ and SGYZ=REYZ are verified.

[0060] By virtue of the transmission of the third key KSZ by the card CAthrough the third entity EZ and the transmission of the keys KSX and KSYby the card CA directly to the entities EX and EY, the transmission ofthe signatures SGXZ and SGYZ dependent on these two pairs of keys withacceptance data DX and DY to the card CA ensure that the entities EX andEY have recovered the delegation of the entity EZ and are authorised togive the instruction to execute the number session NS by delegation.

[0061] According to a third embodiment combining the first and secondembodiments, only one of the entities EX and EY, for example the firstentity EX, is delegated by the third entity EZ. A session is executedonly when the card CA has received the acceptance of the entity EX bydelegation from the entity EZ and the acceptance of the entity EYindependent of the entity EZ.

[0062] For the third embodiment, the left-hand part of the algorithm inFIG. 3 with respect to the card CA, that is to say steps Z1 to Z7omitting IDY(ADY), KSY and KPY and steps Z8X to X9Z, is preserved, andthe right-hand part of the algorithm in FIG. 3 concerning therelationships with the entity EY is replaced by the steps Y1 to Y9 tothe right in FIG. 2, in order finally to compare the signature SGXZ withthe result REXZ and the signature SGY with the result REY at steps X9Zand Y9 before reading the received data DX and DY in the card CA at stepF9.

1. A method for making secure the execution of a session with a dataprocessing means (CA) under the command of at least two electronicentities (EX, EY), characterised in that it comprises the followingsteps of: transmitting (X2, Y2) session numbers (NSX, NSY) and sessionkeys (KSX, KSY) from the processing means (CA) respectively to theentities (EX, EY), applying (X6, X8; Y6, Y8) the respective sessionnumber (NSX, NSY) and the respective session key (KSX, KSY) to arespective security algorithm (ASX, ASY) in the processing means (CA)and the respective entity (EX, EY) in order to produce a respectiveresult (REX, REY) and a respective signature (SGX, SGY), transmitting(X7, Y7) the respective session number (NSX, NSY) and the respectivesignature (SGX, SGY) from the respective entity to the processing means,and executing (F10) the session corresponding to the session numbersretransmitted (NSX, NSY) from the processing means (CA) when thesignatures are respectively identical (X9, Y9) to the results.
 2. Amethod according to claim 1, according to which the respective results(REX, REY) are written (X2, Y2) in memory in the processing means (CA)respectively in correspondence with the respective session numbers (NSX,NSY) to be transmitted to the entities (EX, EY), and are read (X9, Y9)in correspondence with the respective session numbers transmitted by theentities to the processing means before being compared with therespective signatures (SGX, SGY).
 3. A method according to claim 1 or 2,according to which each of the entities (EX, EY) transmits (X5, X7; Y5,Y7) to the processing means (CA) respective data (DX, DY) with therespective session number (NSX, NSY) and the respective signature (SGX,SGY), and the session is executed if in addition the processing meansdetects in each of the data an acceptance of the session by therespective entity.
 4. A method according to any one of claims 1 to 3,according to which, before being transmitted from the processing means(CA), the respective session number (NSX, NSY) and the respectivesession key (KSX, KSY) are enciphered (X3, Y3) by a respectiveenciphering algorithm with a respective public key (KPX, KPY) for eachof the entities (EX, EY).
 5. A method according to any one of claims 1to 4, according to which the processing means (CA) transmits (F9Y, F9Z),respective acknowledgements (ACKX, ACKY) to the respective entities (EX,EY) at least when the signatures (SGX, SGY) are respectively identicalto the results (REX, REY).
 6. A method according to any one of claims 1to 4, according to which the processing means (CA) produces (F11) a word(ACK) representing the session when the latter is to be executed,respective word signatures (SAX, SAY) each resulting from theapplication of the said representative word and of the respectivesession key (KSX, KSY) to the respective security algorithm (ASX, ASY),in order to transmit (F12) the representative word and the wordsignatures to one (EY) of the entities so that it verifies (F13) thecorrespondence between the representative word (ACK) and the respectiveword signature (SAY) according to the respective session key (KSY) and,when there is a correspondence, transmits (F14) the said representativeword (ACK) and the other respective word signatures (SAX) to anotherentity (EX which verifies (F15) the correspondence between therepresentative word (ACK) and the respective word signature (SAX)according to the respective session key (KSX), and so on until the lastentity.
 7. A method according to any one of claims 1 to 6, comprisingfirst an authentication (X1, Y1) of the processing means (CA) by theentities (EX, EY) and/or vice-versa.
 8. A method according to any one ofclaims 1 to 7, comprising the following steps of: transmitting (Z2)respective delegation information (IDX, IDY) in favour of one of thesaid at least two entities (EX, EY) from a third electronic entity (EZ)to the processing means (CA), transmitting (Z4, Z5) a session number(NS), which is identical to the respective session numbers (NSX, NSY),and a third session key (KSZ) from the processing means (CA) to thethird predetermined entity (EZ), retransmitting (Z7) the session number(NS) and the third session key (KSZ) by the third entity (EZ) to thesaid one entity (EX), and applying (X6Z) not only the session number(NS) and the respective session key (KSX) for the said at least oneentity (EX) but also the third session key (KSZ) to the respectivesecurity algorithm (ASX) in the said at least one entity (EX) and theprocessing means (CA) in order to produce the respective signature (SGX)and the respective result (REX).
 9. A method according to claim 8,according to which the delegation information (IDX, IDY) is signed witha private key of the third entity (EZ) and then enciphered with a publickey (KPCA) of the processing means (CA).
 10. A method according to claim8 or 9, according to which the session number (NS) retransmitted (Z7) bythe third entity (EZ) and the session number transmitted (X2) directlyby the processing means (CA) to the said one entity (EX) are compared(Z9X) in the said one entity (EX), and at least the step of applying(X6Z) in the said one entity is executed only when the session numberscompared are identical.
 11. A method according to any one of claims 8 to10, according to which, before being transmitted and retransmitted (Z5,Z7), the session number (NS) and the third session key (KSZ) areenciphered with a third public key (KPZ) of the third entity (EZ), andthen with a public key (KPX) of the said one entity (EX).
 12. A methodaccording to any one of claims 8 to 11, according to which at least oneother entity (EY) of the said at least two entities is delegated by thethird entity (EX) so that the session is executed only when thesignatures (SGXZ, SGYZ) and the results (REXZ, REYZ) produced accordingto the session number (NS), the respective session keys (KSX, KSY) andthe third session (KSZ) are respectively identical.
 13. A methodaccording to any one of claims 1 to 12, according to which theprocessing means (CA) and/or at least one of the entities (EX, EY, EZ)is a smart card.